diff --git a/lib/bin/VMProtectSDK32.dll b/lib/bin/VMProtectSDK32.dll deleted file mode 100644 index 5b32d087..00000000 Binary files a/lib/bin/VMProtectSDK32.dll and /dev/null differ diff --git a/lib/bin/VMProtectSDK32.lib b/lib/bin/VMProtectSDK32.lib deleted file mode 100644 index 1111795a..00000000 Binary files a/lib/bin/VMProtectSDK32.lib and /dev/null differ diff --git a/lib/include/VMProtect/VMProtectSDK.h b/lib/include/VMProtect/VMProtectSDK.h deleted file mode 100644 index 3368ddac..00000000 --- a/lib/include/VMProtect/VMProtectSDK.h +++ /dev/null @@ -1,102 +0,0 @@ -#pragma once - -#if defined(__APPLE__) || defined(__unix__) -#define VMP_IMPORT -#define VMP_API -#define VMP_WCHAR unsigned short -#else -#define VMP_IMPORT __declspec(dllimport) -#define VMP_API __stdcall -#define VMP_WCHAR wchar_t -#ifdef _WIN64 - #pragma comment(lib, "VMProtectSDK64.lib") -#else - #pragma comment(lib, "VMProtectSDK32.lib") -#endif // _WIN64 -#endif // __APPLE__ || __unix__ - -#ifdef __cplusplus -extern "C" { -#endif - -// protection -VMP_IMPORT void VMP_API VMProtectBegin(const char *); -VMP_IMPORT void VMP_API VMProtectBeginVirtualization(const char *); -VMP_IMPORT void VMP_API VMProtectBeginMutation(const char *); -VMP_IMPORT void VMP_API VMProtectBeginUltra(const char *); -VMP_IMPORT void VMP_API VMProtectBeginVirtualizationLockByKey(const char *); -VMP_IMPORT void VMP_API VMProtectBeginUltraLockByKey(const char *); -VMP_IMPORT void VMP_API VMProtectEnd(void); - -// utils -VMP_IMPORT bool VMP_API VMProtectIsProtected(); -VMP_IMPORT bool VMP_API VMProtectIsDebuggerPresent(bool); -VMP_IMPORT bool VMP_API VMProtectIsVirtualMachinePresent(void); -VMP_IMPORT bool VMP_API VMProtectIsValidImageCRC(void); -VMP_IMPORT const char * VMP_API VMProtectDecryptStringA(const char *value); -VMP_IMPORT const VMP_WCHAR * VMP_API VMProtectDecryptStringW(const VMP_WCHAR *value); -VMP_IMPORT bool VMP_API VMProtectFreeString(const void *value); - -// licensing -enum VMProtectSerialStateFlags -{ - SERIAL_STATE_SUCCESS = 0, - SERIAL_STATE_FLAG_CORRUPTED = 0x00000001, - SERIAL_STATE_FLAG_INVALID = 0x00000002, - SERIAL_STATE_FLAG_BLACKLISTED = 0x00000004, - SERIAL_STATE_FLAG_DATE_EXPIRED = 0x00000008, - SERIAL_STATE_FLAG_RUNNING_TIME_OVER = 0x00000010, - SERIAL_STATE_FLAG_BAD_HWID = 0x00000020, - SERIAL_STATE_FLAG_MAX_BUILD_EXPIRED = 0x00000040, -}; - -#pragma pack(push, 1) -typedef struct -{ - unsigned short wYear; - unsigned char bMonth; - unsigned char bDay; -} VMProtectDate; - -typedef struct -{ - int nState; // VMProtectSerialStateFlags - VMP_WCHAR wUserName[256]; // user name - VMP_WCHAR wEMail[256]; // email - VMProtectDate dtExpire; // date of serial number expiration - VMProtectDate dtMaxBuild; // max date of build, that will accept this key - int bRunningTime; // running time in minutes - unsigned char nUserDataLength; // length of user data in bUserData - unsigned char bUserData[255]; // up to 255 bytes of user data -} VMProtectSerialNumberData; -#pragma pack(pop) - -VMP_IMPORT int VMP_API VMProtectSetSerialNumber(const char *serial); -VMP_IMPORT int VMP_API VMProtectGetSerialNumberState(); -VMP_IMPORT bool VMP_API VMProtectGetSerialNumberData(VMProtectSerialNumberData *data, int size); -VMP_IMPORT int VMP_API VMProtectGetCurrentHWID(char *hwid, int size); - -// activation -enum VMProtectActivationFlags -{ - ACTIVATION_OK = 0, - ACTIVATION_SMALL_BUFFER, - ACTIVATION_NO_CONNECTION, - ACTIVATION_BAD_REPLY, - ACTIVATION_BANNED, - ACTIVATION_CORRUPTED, - ACTIVATION_BAD_CODE, - ACTIVATION_ALREADY_USED, - ACTIVATION_SERIAL_UNKNOWN, - ACTIVATION_EXPIRED, - ACTIVATION_NOT_AVAILABLE -}; - -VMP_IMPORT int VMP_API VMProtectActivateLicense(const char *code, char *serial, int size); -VMP_IMPORT int VMP_API VMProtectDeactivateLicense(const char *serial); -VMP_IMPORT int VMP_API VMProtectGetOfflineActivationString(const char *code, char *buf, int size); -VMP_IMPORT int VMP_API VMProtectGetOfflineDeactivationString(const char *serial, char *buf, int size); - -#ifdef __cplusplus -} -#endif diff --git a/premake5.lua b/premake5.lua index 93fa8ce9..fd88521c 100644 --- a/premake5.lua +++ b/premake5.lua @@ -269,9 +269,6 @@ workspace "iw4x" "./src", "./lib/include", } - syslibdirs { - "./lib/bin", - } resincludedirs { "$(ProjectDir)src" -- fix for VS IDE } diff --git a/src/Components/Modules/AntiCheat.cpp b/src/Components/Modules/AntiCheat.cpp index 496ef495..35f128ae 100644 --- a/src/Components/Modules/AntiCheat.cpp +++ b/src/Components/Modules/AntiCheat.cpp @@ -36,7 +36,6 @@ namespace Components void AntiCheat::CrashClient() { - __VMProtectBeginUltra(""); #ifdef DEBUG_DETECTIONS Logger::Flush(); MessageBoxA(nullptr, "Check the log for more information!", "AntiCheat triggered", MB_ICONERROR); @@ -52,12 +51,10 @@ namespace Components }); } #endif - __VMProtectEnd; } void AntiCheat::AssertCalleeModule(void* callee) { - __VMProtectBeginUltra(""); HMODULE hModuleSelf = nullptr, hModuleTarget = nullptr, hModuleProcess = GetModuleHandleA(nullptr); GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, reinterpret_cast(callee), &hModuleTarget); GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, reinterpret_cast(AntiCheat::AssertCalleeModule), &hModuleSelf); @@ -73,12 +70,10 @@ namespace Components AntiCheat::CrashClient(); } - __VMProtectEnd; } void AntiCheat::InitLoadLibHook() { - __VMProtectBeginUltra(""); static uint8_t kernel32Str[] = { 0xB4, 0x9A, 0x8D, 0xB1, 0x9A, 0x93, 0xCC, 0xCD, 0xD1, 0x9B, 0x93, 0x93 }; // KerNel32.dll static uint8_t loadLibAStr[] = { 0xB3, 0x90, 0x9E, 0x9B, 0xB3, 0x96, 0x9D, 0x8D, 0x9E, 0x8D, 0x86, 0xBE }; // LoadLibraryA static uint8_t loadLibWStr[] = { 0xB3, 0x90, 0x9E, 0x9B, 0xB3, 0x96, 0x9D, 0x8D, 0x9E, 0x8D, 0x86, 0xA8 }; // LoadLibraryW @@ -138,13 +133,10 @@ namespace Components Utils::Hook::Signature signature(ntdll, Utils::GetModuleSize(ntdll)); signature.add(container); //signature.process(); - - __VMProtectEnd; } void AntiCheat::ReadIntegrityCheck() { - __VMProtectBeginUltra(""); #ifdef PROCTECT_PROCESS static Utils::Time::Interval check; @@ -166,12 +158,10 @@ namespace Components // Set the integrity flag AntiCheat::Flags |= AntiCheat::IntergrityFlag::READ_INTEGRITY_CHECK; #endif - __VMProtectEnd; } void AntiCheat::FlagIntegrityCheck() { - __VMProtectBeginUltra(""); static Utils::Time::Interval check; if (check.elapsed(30s)) @@ -189,12 +179,10 @@ namespace Components AntiCheat::CrashClient(); } } - __VMProtectEnd; } void AntiCheat::ScanIntegrityCheck() { - __VMProtectBeginUltra(""); // If there was no check within the last 40 seconds, crash! if (AntiCheat::LastCheck.elapsed(40s)) { @@ -207,12 +195,10 @@ namespace Components // Set the integrity flag AntiCheat::Flags |= AntiCheat::IntergrityFlag::SCAN_INTEGRITY_CHECK; - __VMProtectEnd; } void AntiCheat::PerformScan() { - __VMProtectBeginUltra(""); static std::optional hashVal; // Perform check only every 20 seconds @@ -243,12 +229,10 @@ namespace Components // Set the memory scan flag AntiCheat::Flags |= AntiCheat::IntergrityFlag::MEMORY_SCAN; - __VMProtectEnd; } void AntiCheat::QuickCodeScanner1() { - __VMProtectBeginUltra(""); static Utils::Time::Interval interval; static std::optional hashVal; @@ -267,12 +251,10 @@ namespace Components } hashVal.emplace(hash); - __VMProtectEnd; } void AntiCheat::QuickCodeScanner2() { - __VMProtectBeginUltra(""); static Utils::Time::Interval interval; static std::optional hashVal; @@ -287,7 +269,6 @@ namespace Components } hashVal.emplace(hash); - __VMProtectEnd; } #ifdef DEBUG_LOAD_LIBRARY @@ -433,7 +414,6 @@ namespace Components bool AntiCheat::IsPageChangeAllowed(void* callee, void* addr, size_t len) { - __VMProtectBeginUltra(""); HMODULE hModuleSelf = nullptr, hModuleTarget = nullptr, hModuleMain = GetModuleHandle(nullptr); GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, reinterpret_cast(callee), &hModuleTarget); GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, reinterpret_cast(AntiCheat::IsPageChangeAllowed), &hModuleSelf); @@ -450,40 +430,34 @@ namespace Components } } - __VMProtectEnd; return true; } BOOL WINAPI AntiCheat::VirtualProtectStub(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect) { - __VMProtectBeginUltra(""); if (!AntiCheat::IsPageChangeAllowed(_ReturnAddress(), lpAddress, dwSize)) return FALSE; AntiCheat::VirtualProtectHook[0].uninstall(false); BOOL result = VirtualProtect(lpAddress, dwSize, flNewProtect, lpflOldProtect); AntiCheat::VirtualProtectHook[0].install(false); - __VMProtectEnd; return result; } BOOL WINAPI AntiCheat::VirtualProtectExStub(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect) { - __VMProtectBeginUltra(""); if (GetCurrentProcessId() == GetProcessId(hProcess) && !AntiCheat::IsPageChangeAllowed(_ReturnAddress(), lpAddress, dwSize)) return FALSE; AntiCheat::VirtualProtectHook[1].uninstall(false); BOOL result = VirtualProtectEx(hProcess, lpAddress, dwSize, flNewProtect, lpflOldProtect); AntiCheat::VirtualProtectHook[1].install(false); - __VMProtectEnd; return result; } unsigned long AntiCheat::ProtectProcess() { #ifdef PROCTECT_PROCESS - __VMProtectBeginUltra(""); Utils::Memory::Allocator allocator; @@ -611,8 +585,6 @@ namespace Components if (!InitializeSecurityDescriptor(pSecDesc, SECURITY_DESCRIPTOR_REVISION)) return GetLastError(); if (!SetSecurityDescriptorDacl(pSecDesc, TRUE, pDacl, FALSE)) return GetLastError(); - __VMProtectEnd; - return SetSecurityInfo( GetCurrentProcess(), SE_KERNEL_OBJECT, // process object @@ -629,8 +601,6 @@ namespace Components void AntiCheat::AcquireDebugPrivilege(HANDLE hToken) { - __VMProtectBeginUltra(""); - LUID luid; TOKEN_PRIVILEGES tp = { 0 }; DWORD cb = sizeof(TOKEN_PRIVILEGES); @@ -641,22 +611,16 @@ namespace Components tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken, FALSE, &tp, cb, nullptr, nullptr); //if (GetLastError() != ERROR_SUCCESS) return; - - __VMProtectEnd; } void AntiCheat::PatchVirtualProtect(void* vp, void* vpex) { - __VMProtectBeginUltra(""); AntiCheat::VirtualProtectHook[1].initialize(vpex, AntiCheat::VirtualProtectExStub, HOOK_JUMP)->install(true, true); AntiCheat::VirtualProtectHook[0].initialize(vp, AntiCheat::VirtualProtectStub, HOOK_JUMP)->install(true, true); - __VMProtectEnd; } NTSTATUS NTAPI AntiCheat::NtCreateThreadExStub(PHANDLE phThread, ACCESS_MASK desiredAccess, LPVOID objectAttributes, HANDLE processHandle, LPTHREAD_START_ROUTINE startAddress, LPVOID parameter, BOOL createSuspended, DWORD stackZeroBits, DWORD sizeOfStackCommit, DWORD sizeOfStackReserve, LPVOID bytesBuffer) { - __VMProtectBeginUltra(""); - HANDLE hThread = nullptr; std::lock_guard _(AntiCheat::ThreadMutex); @@ -671,15 +635,11 @@ namespace Components AntiCheat::OwnThreadIds.push_back(GetThreadId(hThread)); } - __VMProtectEnd; - return result; } void AntiCheat::PatchThreadCreation() { - __VMProtectBeginUltra(""); - HMODULE ntdll = Utils::GetNTDLL(); if (ntdll) { @@ -690,19 +650,15 @@ namespace Components AntiCheat::CreateThreadHook.initialize(createThread, AntiCheat::NtCreateThreadExStub, HOOK_JUMP)->install(); } } - - __VMProtectEnd; } int AntiCheat::ValidateThreadTermination(void* addr) { - __VMProtectBeginUltra(""); { std::lock_guard _(AntiCheat::ThreadMutex); DWORD id = GetCurrentThreadId(); - auto threadHook = AntiCheat::ThreadHookMap.find(id); - if (threadHook != AntiCheat::ThreadHookMap.end()) + if (const auto threadHook = AntiCheat::ThreadHookMap.find(id); threadHook != AntiCheat::ThreadHookMap.end()) { threadHook->second->uninstall(false); AntiCheat::ThreadHookMap.erase(threadHook); // Uninstall and delete the hook @@ -717,7 +673,7 @@ namespace Components // It would be better to wait for the thread // but we don't know if there are multiple hooks at the same address bool found = false; - for (auto threadHook : AntiCheat::ThreadHookMap) + for (const auto& threadHook : AntiCheat::ThreadHookMap) { if (threadHook.second->getAddress() == addr) { @@ -730,8 +686,6 @@ namespace Components std::this_thread::sleep_for(10ms); } - __VMProtectEnd; - return 0; // Don't kill } @@ -773,7 +727,6 @@ namespace Components void AntiCheat::VerifyThreadIntegrity() { - __VMProtectBeginUltra(""); bool kill = true; { std::lock_guard _(AntiCheat::ThreadMutex); @@ -821,71 +774,67 @@ namespace Components } } } - __VMProtectEnd; } - void AntiCheat::SystemTimeDiff(LPSYSTEMTIME stA, LPSYSTEMTIME stB, LPSYSTEMTIME stC) { - FILETIME ftA, ftB, ftC; - ULARGE_INTEGER uiA, uiB, uiC; + void AntiCheat::SystemTimeDiff(LPSYSTEMTIME stA, LPSYSTEMTIME stB, LPSYSTEMTIME stC) + { + FILETIME ftA, ftB, ftC; + ULARGE_INTEGER uiA, uiB, uiC; - SystemTimeToFileTime(stA, &ftA); - SystemTimeToFileTime(stB, &ftB); - uiA.HighPart = ftA.dwHighDateTime; - uiA.LowPart = ftA.dwLowDateTime; - uiB.HighPart = ftB.dwHighDateTime; - uiB.LowPart = ftB.dwLowDateTime; + SystemTimeToFileTime(stA, &ftA); + SystemTimeToFileTime(stB, &ftB); + uiA.HighPart = ftA.dwHighDateTime; + uiA.LowPart = ftA.dwLowDateTime; + uiB.HighPart = ftB.dwHighDateTime; + uiB.LowPart = ftB.dwLowDateTime; - uiC.QuadPart = uiA.QuadPart - uiB.QuadPart; + uiC.QuadPart = uiA.QuadPart - uiB.QuadPart; - ftC.dwHighDateTime = uiC.HighPart; - ftC.dwLowDateTime = uiC.LowPart; - FileTimeToSystemTime(&ftC, stC); - } + ftC.dwHighDateTime = uiC.HighPart; + ftC.dwLowDateTime = uiC.LowPart; + FileTimeToSystemTime(&ftC, stC); + } - void AntiCheat::CheckStartupTime() - { - __VMProtectBeginUltra(""); - FILETIME creation, exit, kernel, user; - SYSTEMTIME current, creationSt, diffSt; + void AntiCheat::CheckStartupTime() + { + FILETIME creation, exit, kernel, user; + SYSTEMTIME current, creationSt, diffSt; - GetSystemTime(¤t); - GetProcessTimes(GetCurrentProcess(), &creation, &exit, &kernel, &user); + GetSystemTime(¤t); + GetProcessTimes(GetCurrentProcess(), &creation, &exit, &kernel, &user); - FileTimeToSystemTime(&creation, &creationSt); - AntiCheat::SystemTimeDiff(¤t, &creationSt, &diffSt); + FileTimeToSystemTime(&creation, &creationSt); + AntiCheat::SystemTimeDiff(¤t, &creationSt, &diffSt); #ifdef DEBUG - char buf[512]; - snprintf(buf, 512, "creation: %d:%d:%d:%d\n", creationSt.wHour, creationSt.wMinute, creationSt.wSecond, creationSt.wMilliseconds); - OutputDebugStringA(buf); + char buf[512]; + snprintf(buf, 512, "creation: %d:%d:%d:%d\n", creationSt.wHour, creationSt.wMinute, creationSt.wSecond, creationSt.wMilliseconds); + OutputDebugStringA(buf); - snprintf(buf, 512, "current: %d:%d:%d:%d\n", current.wHour, current.wMinute, current.wSecond, current.wMilliseconds); - OutputDebugStringA(buf); + snprintf(buf, 512, "current: %d:%d:%d:%d\n", current.wHour, current.wMinute, current.wSecond, current.wMilliseconds); + OutputDebugStringA(buf); - snprintf(buf, 512, "diff: %d:%d:%d:%d\n", diffSt.wHour, diffSt.wMinute, diffSt.wSecond, diffSt.wMilliseconds); - OutputDebugStringA(buf); + snprintf(buf, 512, "diff: %d:%d:%d:%d\n", diffSt.wHour, diffSt.wMinute, diffSt.wSecond, diffSt.wMilliseconds); + OutputDebugStringA(buf); #endif - // crash client if they are using process suspension to inject dlls during startup (aka before we got to here) - // maybe tweak this value depending on what the above logging reveals during testing, - // but 5 seconds seems about right for now - int time = diffSt.wMilliseconds + (diffSt.wSecond * 1000) + (diffSt.wMinute * 1000 * 60); - if (time > 5000) { - Components::AntiCheat::CrashClient(); - } + // crash client if they are using process suspension to inject dlls during startup (aka before we got to here) + // maybe tweak this value depending on what the above logging reveals during testing, + // but 5 seconds seems about right for now + int time = diffSt.wMilliseconds + (diffSt.wSecond * 1000) + (diffSt.wMinute * 1000 * 60); + if (time > 5000) + { + Components::AntiCheat::CrashClient(); + } - // use below for logging when using StartSuspended.exe - // FILE* f = fopen("times.txt", "a"); - // fwrite(buf, 1, strlen(buf), f); - // fclose(f); - - __VMProtectEnd; - } + // use below for logging when using StartSuspended.exe + // FILE* f = fopen("times.txt", "a"); + // fwrite(buf, 1, strlen(buf), f); + // fclose(f); + } AntiCheat::AntiCheat() { - __VMProtectBeginUltra(""); - time(nullptr); AntiCheat::Flags = NO_FLAG; @@ -921,8 +870,6 @@ namespace Components AntiCheat::Flags |= AntiCheat::IntergrityFlag::INITIALIZATION; #endif - - __VMProtectEnd; } AntiCheat::~AntiCheat() diff --git a/src/Components/Modules/AntiCheat.hpp b/src/Components/Modules/AntiCheat.hpp index 9cbb2ff3..53f5ae83 100644 --- a/src/Components/Modules/AntiCheat.hpp +++ b/src/Components/Modules/AntiCheat.hpp @@ -54,8 +54,8 @@ namespace Components static void UninstallLibHook(); static void InstallLibHook(); - static void CheckStartupTime(); - static void SystemTimeDiff(LPSYSTEMTIME stA, LPSYSTEMTIME stB, LPSYSTEMTIME stC); + static void CheckStartupTime(); + static void SystemTimeDiff(LPSYSTEMTIME stA, LPSYSTEMTIME stB, LPSYSTEMTIME stC); private: enum IntergrityFlag diff --git a/src/STDInclude.hpp b/src/STDInclude.hpp index bdec22d1..4480f216 100644 --- a/src/STDInclude.hpp +++ b/src/STDInclude.hpp @@ -90,17 +90,6 @@ #undef min #endif -// VMProtect -// #define USE_VMP -#ifdef USE_VMP -#include -#define __VMProtectBeginUltra VMProtectBeginUltra -#define __VMProtectEnd VMProtectEnd() -#else -#define __VMProtectBeginUltra -#define __VMProtectEnd -#endif - // Protobuf #include "proto/session.pb.h" #include "proto/party.pb.h"